Shodan
Maps
Images
Monitor
Developer
More...
Dashboard
View Api Docs
Vulnerabilities
By Date
Known Exploited
Advanced Search
Vulnerable Software
Vendors
Products
Vulnerability Details CVE-2014-4019
ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK stores sensitive information under the web root with insufficient access control, which allows remote attackers to read backup files via a direct request for rom-0.
Exploit prediction scoring system (EPSS) score
EPSS Score
0.594
EPSS Ranking
98.1%
CVSS Severity
CVSS v3 Score
7.5
CVSS v2 Score
5.0
References
http://packetstormsecurity.com/files/127129/ZTE-WXV10-W300-Disclosure-CSRF-Default.html
http://www.exploit-db.com/exploits/33803
http://www.osvdb.org/102668
https://osandamalith.wordpress.com/2014/06/15/zte-wxv10-w300-multiple-vulnerabilities/
http://packetstormsecurity.com/files/127129/ZTE-WXV10-W300-Disclosure-CSRF-Default.html
http://www.exploit-db.com/exploits/33803
http://www.osvdb.org/102668
https://osandamalith.wordpress.com/2014/06/15/zte-wxv10-w300-multiple-vulnerabilities/
Products affected by CVE-2014-4019
Zte
»
Zxv10 W300
»
Version:
N/A
cpe:2.3:h:zte:zxv10_w300:-
Zte
»
Zxv10 W300 Firmware
»
Version:
w300v1.0.0a_zrd_lk
cpe:2.3:o:zte:zxv10_w300_firmware:w300v1.0.0a_zrd_lk
Products
Monitor
Search Engine
Developer API
Maps
Bulk Data
Images
Snippets
Pricing
Membership
API Subscriptions
Enterprise
Contact Us
support@shodan.io
Shodan ® - All rights reserved